With the increasing popularity of networked computing environments, such as the Internet, there has been a corresponding increase in the demand for secure transactions between networked computers. For example, when a user of the Internet sends information to another user, it may be useful for the recipient to verify that the data received has not been corrupted or otherwise altered during transmission. Furthermore, the recipient may also find it useful to be able to verify the identity of the sender in order to verify that the data received was actually sent by the proper sender, as opposed to an impostor. As a result, methods and algorithms that increase the security of data transmitted over computer networks and other data links have been developed and deployed with some success. The more secure methods tend to include encrypting all or part of the data prior to sending it, and likewise decrypting the received data prior to using it. Such encryption and decryption techniques may, for example, include adding encryption data to the data file, and encoding or otherwise transforming the data in the data file with a computer system by running a "signature algorithm".
There are currently several signature algorithms in use. One popular signature algorithm is actually a combination of a Message Digest algorithm and an RSA encryption algorithm (e.g., MD5 with RSA, or MD2 with RSA, or the like). U.S. Pat. No. 4,405,829, issued Sep. 20, 1983 describes the combination of a Message Digest with the RSA that is available from RSA Data Security, Inc. of Redwood City, Calif. Another popular signature algorithm is the DSA encryption algorithm. The DSA encryption algorithm, which is available from the United States Government, may be used for limited purposes by private parties as a signature algorithm. These signature algorithms will be discussed in limited detail below. For a more detailed description of these and other signature algorithms and related encryption operations, refer to Applied Cryptography, Second Edition, 1996, by Bruce Schneier which is available from John Wiley & Sons, Inc. of New York City, N.Y., and which is herein incorporated, in its entirety, by reference.
The Message Digest with RSA algorithm includes the capability to generate a "digital signature" that can be added to data files. Digital signatures are basically mechanisms through which users may authenticate the source of a received data file. A digital signature is typically a special sequence of data that can be generated and provided along with a related data file to other users. The basic concept behind most signature algorithms is that every user (e.g., individuals, companies, governments, etc.) will have a "key pair" that includes both a "private key" and a "public key". A key may, for example, be a numerical sequence. The private key is a unique key that is assigned to a single user and intended to be kept secret by that user. The private key may be used by the assigned user to create a digital signature for a data file with a signature algorithm. The public key, on the other hand, is typically made available to all other users. The public key may be used by these other users to verify that the digital signature on a received data file is authentic (i.e., that the digital signature was created with the private key). The verification process is accomplished with the same signature algorithm. In principle, such a verification process may provide a relatively high level of confidence in the authenticity of the source of the received data.
In addition to digital signature generating algorithms, there are also algorithms that may be used to authenticate that the data file has not been corrupted in some manner. These algorithms are typically known as "one-way hash functions." One example of such an algorithm is the Message Digest, discussed above. A one-way hash function usually does not require a key. Rather, one-way hash functions typically include additional data that is inserted into the data file. As such, when the data file is received, the hash function may be used to verify that none of the data within the data file has been altered since the generation of the hash function. However, hash functions are typically limited in that the user cannot infer anything about the origin of the associated file, such as who sent it. It is noted that many signature algorithms use one-way hash functions as internal building blocks.
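The distinction drawn in the two paragraphs above, shown as an added example that is not part of the original text: a keyless digest detects alteration but says nothing about origin, while a hash-then-sign signature verifies only against the signer's public key. The key pair, sample data and function names are constructed for illustration; SHA-256 stands in for the message digests the text names, and the unpadded RSA used here is a teaching toy, not a deployable scheme.

```python
import hashlib

# Toy key pair built from two known Mersenne primes (constructed for this
# example; real keys use random primes and a padding scheme).
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                              # public modulus
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, kept secret


def digest(data: bytes) -> bytes:
    """One-way hash: needs no key, so anyone can recompute it."""
    return hashlib.sha256(data).digest()


def sign(data: bytes, d: int = D, n: int = N) -> int:
    """Hash the file, then transform the digest with the private key."""
    return pow(int.from_bytes(digest(data), "big"), d, n)


def verify(data: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Recover the signed digest with the public key and compare."""
    return pow(signature, e, n) == int.from_bytes(digest(data), "big")


def demo() -> dict:
    original = b"class file contents (constructed sample)"
    altered = b"class file contents (constructed sample, altered in transit)"
    sig = sign(original)
    shipped_digest = digest(original)
    # Whoever alters the file can also replace a bare digest shipped with
    # it; the signature cannot be regenerated without D.
    replaced_digest = digest(altered)
    return {
        "digest_detects_change": shipped_digest != digest(altered),
        "replaced_digest_matches_altered": replaced_digest == digest(altered),
        "signature_valid_on_original": verify(original, sig),
        "signature_valid_on_altered": verify(altered, sig),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```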
For relatively open, unsecured networks such as the Internet, it is often useful for users to be able to authenticate received data files prior to using them. Such data files may include, but are not limited to, computer programs, graphics, text, photographs, audio, video, or other information that is suitable for use within a computer system. Regardless of the type of data file, authentication may be accomplished with a signature algorithm or similar type of encryption algorithm as described above. By way of example, if the data file is a software program, the user may wish to authenticate that it was sent by a trustworthy authority prior to exposing his or her computer system to the software program, to ensure that the program does not include a "Trojan Horse" that infects the user's computer with a virus. In such a case, the sending user may authenticate the data as described above.
Another example is where the receiving user wishes to authenticate a text and/or image data file prior to displaying it on his or her computer screen. This may be useful to control the display of text and images having undesirable content. For example, parents may want to limit any access their children may have to pictures and text relating to adult subjects and materials. This can be accomplished by verifying that the data file (e.g., a text or image file) came from a trusted source. Similarly, providers of text and image files may want to provide a "stamp" of approval or authenticity so as to control the use of tradenames and other intellectual property.
Unfortunately, the process of encrypting and decrypting, signing and verifying, and/or generating hash functions places an additional burden on the sending and receiving user's computational resources. The burden is compounded for users who send and receive several data files. By way of example, the growth of the portion of the Internet known as the World-Wide Web has led to a tremendous increase in the transfer of multiple data files between users. These multiple data files often include the components or objects that constitute an object-oriented software process, such as a Java™ applet. To illustrate the potential burden that can be placed on the receiving user's computer resources in such a multiple data file transfer, one need only calculate the resulting processing time associated with verifying the digital signatures for each of the files. Consider an example wherein a Java™ applet includes 200 digitally signed Java™ class files (including data files), and the average verification period is about 1 second on a conventional desktop PC. In such a situation, the user would have to wait for about 200 seconds after receiving the data files to use the applet. Such delays may significantly reduce the effectiveness of such a computer network environment. This is especially true for data files relating to a timed process, such as a streaming audio or video data file in real (or near-real) time.
Therefore, what is desired are more efficient methods, apparatuses and products for securing and verifying the authenticity of data files, especially for data files intended to be transferred over computer networks.